Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/I1a0l969ymsZaLQ8q5TTqfIJz2w.roa
File: I1a0l969ymsZaLQ8q5TTqfIJz2w.roa (raw, json)
Hash identifier: rUHEwHSxxaHIJK3+oiyAqkBrkaQB8icUpV6YwfE4jnQ=
Subject key identifier: 23:56:B4:97:DE:BD:CA:6B:19:68:B4:3C:AB:94:D3:A9:F2:09:CF:6C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0195B396A8B5BB6A1511A49992FE35005043
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/I1a0l969ymsZaLQ8q5TTqfIJz2w.roa
Signing time: Thu 20 Mar 2025 12:45:50 +0000
ROA not before: Thu 20 Mar 2025 12:45:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61116
IP address blocks: 93.171.169.0/24 maxlen: 24
93.171.225.0/24 maxlen: 24
95.46.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:96:a8:b5:bb:6a:15:11:a4:99:92:fe:35:00:50:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Mar 20 12:45:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2356b497debdca6b1968b43cab94d3a9f209cf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:68:1c:f1:22:b8:e5:c1:8d:04:67:19:80:dc:
d5:42:d0:61:86:48:5f:46:99:d3:6f:a8:96:86:6a:
89:1f:d4:65:35:43:16:8e:26:8f:4d:32:eb:ca:d4:
da:d7:c1:12:6c:78:0c:4b:60:ba:07:25:d4:3f:fc:
9b:0c:b9:81:fd:32:e8:da:04:cf:65:06:24:34:65:
8d:5f:55:83:55:33:4c:ca:1b:ca:45:a5:74:90:72:
a3:e1:89:25:f6:77:45:97:f7:4a:eb:dd:f1:97:3f:
67:26:67:4d:54:a0:bb:31:fe:3d:c7:e4:d0:02:2c:
04:34:5c:ba:95:07:aa:99:18:85:52:42:ff:9e:23:
21:06:d3:01:a4:b3:82:7d:9f:44:45:d3:5e:3b:c6:
3a:1d:24:32:9b:fd:33:d3:7b:8c:a0:74:ac:30:98:
57:c8:63:62:e1:46:24:86:a8:8c:1c:3a:d9:23:c5:
02:50:5c:1e:86:0c:a2:1d:af:1f:67:24:f9:59:5e:
30:de:2e:be:fc:bd:a3:7f:36:55:c9:6b:e8:96:df:
00:ca:3a:1c:e1:1c:44:89:8d:1c:9b:c7:77:bf:2c:
02:69:1a:06:45:ea:5d:90:6e:b9:0f:3c:ce:c1:c5:
c1:a9:a0:b0:d1:64:a0:71:4b:f4:10:1b:e6:08:bb:
7a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:56:B4:97:DE:BD:CA:6B:19:68:B4:3C:AB:94:D3:A9:F2:09:CF:6C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/I1a0l969ymsZaLQ8q5TTqfIJz2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.169.0/24
93.171.225.0/24
95.46.155.0/24
Signature Algorithm: sha256WithRSAEncryption
74:91:b8:8c:9a:d9:6a:b3:2d:20:01:4c:6b:36:37:d7:72:e9:
1e:d8:83:3e:13:8a:a7:d9:4e:d5:52:f2:82:fc:ea:7b:49:dc:
c8:93:fd:71:61:cb:bb:73:0d:74:42:14:01:a8:22:eb:7e:64:
0d:0b:27:c1:90:01:af:23:ac:e2:98:51:70:dc:4d:73:eb:74:
e1:e1:1f:75:68:d1:96:c8:07:90:a8:6e:e0:ca:3c:3c:04:9c:
69:73:81:7d:5b:9a:2e:0b:40:7f:e6:8a:2b:bc:3a:02:e7:90:
5d:c9:1d:fd:fe:bf:7e:20:71:9e:fa:d4:eb:78:6e:62:dc:4e:
13:d5:b3:e6:bc:9a:80:04:a8:a6:5a:5b:99:db:29:a3:23:d5:
04:25:43:c5:52:68:8b:13:34:ff:4e:19:1c:65:14:ae:af:c8:
98:f3:46:93:94:b4:e9:55:df:89:29:f5:03:ad:a4:24:ce:3f:
da:ae:79:cc:74:0f:26:3f:43:98:2d:49:f3:5f:c8:c6:15:5a:
15:5f:b8:b3:dd:11:0d:dc:f6:8e:35:8b:25:3b:0f:87:04:63:
c2:33:28:97:cf:b9:a1:b4:a4:d1:d4:48:9f:f5:9b:5e:28:31:
5b:5d:60:d3:c6:08:94:cf:03:cd:c0:5d:7c:ab:1c:14:13:4e:
16:5e:cd:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWzlqi1u2oVEaSZkv41AFBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMzIwMTI0NTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzU2YjQ5N2RlYmRjYTZiMTk2OGI0M2NhYjk0ZDNhOWYyMDljZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32gc8SK45cGNBGcZgNzVQtBhhkhf
RpnTb6iWhmqJH9RlNUMWjiaPTTLrytTa18ESbHgMS2C6ByXUP/ybDLmB/TLo2gTP
ZQYkNGWNX1WDVTNMyhvKRaV0kHKj4Ykl9ndFl/dK693xlz9nJmdNVKC7Mf49x+TQ
AiwENFy6lQeqmRiFUkL/niMhBtMBpLOCfZ9ERdNeO8Y6HSQym/0z03uMoHSsMJhX
yGNi4UYkhqiMHDrZI8UCUFwehgyiHa8fZyT5WV4w3i6+/L2jfzZVyWvolt8Ayjoc
4RxEiY0cm8d3vywCaRoGRepdkG65DzzOwcXBqaCw0WSgcUv0EBvmCLt6gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCNWtJfevcprGWi0PKuU06nyCc9sMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSTFhMGw5Njl5bXNaYUxROHE1VFRxZklKejJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXaupAwQA
XavhAwQAXy6bMA0GCSqGSIb3DQEBCwUAA4IBAQB0kbiMmtlqsy0gAUxrNjfXcuke
2IM+E4qn2U7VUvKC/Op7SdzIk/1xYcu7cw10QhQBqCLrfmQNCyfBkAGvI6zimFFw
3E1z63Th4R91aNGWyAeQqG7gyjw8BJxpc4F9W5ouC0B/5oorvDoC55BdyR39/r9+
IHGe+tTreG5i3E4T1bPmvJqABKimWluZ2ymjI9UEJUPFUmiLEzT/ThkcZRSur8iY
80aTlLTpVd+JKfUDraQkzj/arnnMdA8mP0OYLUnzX8jGFVoVX7iz3REN3PaONYsl
Ow+HBGPCMyiXz7mhtKTR1Eif9ZteKDFbXWDTxgiUzwPNwF18qxwUE04WXs3o
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:48 2025 by rpki-client